API security

SecureSphere WAF deployed in front of API resources protects core applications by validating and monitoring API traffic, and leveraging SecureSphere features like Profiling and Content Inspection to identify and protect against malicious activity. The SecureSphere API Security feature set includes the following:

Profiling and Protecting API Protocols

API Content Inspection

Blocking Malicious Bot Activity and DDoS

Enforcing API Encryption

Enforcing Specific API Versions

Tracking API Users

Virtual patching for immediate remediation

SecureSphere WAF performs “virtual patching” for applications via vulnerability scanner integration. When a vulnerability is discovered, virtual patching actively protects applications instead of waiting for code to be modified. This reduces the window of exposure and lowers the costs of emergency fix cycles.

How Imperva SecureSphere WAF Works

Machine learning app profiling

Machine learning creates a positive security model of the application’s profile to avoid false-positives. SecureSphere dynamically learns normal application behavior and distinguishes it from the abnormalities of an attack.